Security

Unfortunately, the web is becoming a much more dangerous place as 0.1% of the entire internet is malicious. Moreover, there are no safe neighborhoods... Even sites like Al Gore's An Inconvenient Truth and the Miami Dolphins have been attacked in the past.

Even the MySpace profile of Alicia Keys has been used to spread malicious code.

Hackers have gotten quite good at ferreting out unprotected pages and subsequently loading these pages with their "evil-doing" programs.

A few months back TMC was bombarded by hackers looking to insert malicious code into pages via SQL injection in fact.

Website owners have to be vigilant and always on alert to such practices by hackers who are constantly evolving.

Amazon has been getting lots of positive press lately on its new storage initiative Simple Storage Service or S3. The service has been a tremendous help to startups as well as established companies as it lowers the cost of scaling a company rapidly and allows a company to focus on its core strengths while relying on Amazon to focus on theirs.

Salesforce.com has similar visions of helping companies by providing cloud based servivces that allow companies to build exciting new products and services without starting from scratch and building huge data centers, etc.

Unfortunately for Amazon, they are in the middle of an outage and not unlike Salesforce.com, they are going to have to reassure the market that this won't happen again. Then again, Salesforce.com has had a few outages over the years and it hasn't seemed to slow their growth.

I have to kick myself because I did it again. Sometimes I think I will never learn. Nobody wants to pay more than they should so when I somehow pulled a muscle in my neck while sleeping, I found myself in the pharmacy looking for a heat patch to soothe the pain

The generic brand had signs on it "Compare to Thermacare" so I purchased it. I saved a bit… I don't even know how much but it was likely a few bucks.

It is pretty amazing to see how many separate issues are surfacing that could affect the future of the internet. The FCC and government have their plates full deciding what to do with telcos and their potentially anti-competitive practices.

The first issue at hand is net neutrality. Congressman Edward Markey (D-Mass.) introduced the “Internet Freedom Law” this week.

Rather than detailing specific regulations, the new Markey bill calls on the FCC to conduct a “thorough inquiry” to determine “broadband policies that will promote openness, competition, innovation, and affordable, ubiquitous broadband service for all.”
Part of the commission’s task is to conduct an “Internet freedom assessment” to determine whether or not service providers are adhering to “the Commission’s Broadband Policy Statement of August, 2005,” which prohibits actions that might interfere with users’ ability to access or use lawful content and services over the Internet and to attach any legal device that does not harm the network.

Next up is the case of BitTorrent and specifically, the fact that Comcast has been caught throttling traffic from this peer to peer file sharing network often used to send and receive videos. Comcast says they are within their rights to throttle bandwidth as needed to ensure things like voice get the proper quality of service while others are concerned that throttling bandwidth relating to applications violates the concept of net neutrality.

Finally, the issue of short codes has surfaced once again as Verizon has denied the use of these codes to Rebtel, a competitive service provider and others.

This month could be looked back upon as a pivotal one in the world of Internet freedom and the shaping of the world's net policies.

A staggering $133 billion dollars will be spent on communications services by businesses in 2008 according to Insight Research. 39% of this spending will be on cell phone bills. This staggering amount could be reduced if companies explore IP communications solutions that currently exist on the market.

If the economy is indeed slowing, a painless way to save money is to explore the world of IP communications more thoroughly and picking solutions which not only save your business money but they also increase flexibility and customer satisfaction.

Even if you have an IP PBX, be sure you also have SIP trunking so your calls are routed in the most cost-effective fashion possible. If you are a big user of telephony be sure to look at VoIP peering.

8x8 the parent of Packet8 has been reissued a patent 6,483,532 entitled, "Video-Assisted Audio Signal Processing System and Method."

The patent relates to an arrangement for controlling audio signal transmissions for a communications system that includes a microphone and a video camera. The reissued patent is dated February 12, 2008 and contains eleven new claims which strengthen the company's intellectual property rights related to this invention.

The company has been awarded over 71 patents so far in the fields of voice, storage and video. This portfolio probably did not seem so important a few years back but today it is crucial to have as we have found that telcos are beginning to wield their patents as weapons and smaller companies like VoIP Inc. are using them as a way to generate revenue.

Earlier today the U.S. Senate defeated an Amendment to strike the provisions providing immunity from civil liability to electronic communication service providers for certain assistance provided to the Government.

The White House-backed surveillance measure, which grants legal immunity to companies alleged to have helped the government's warrantless spy program, passed the Senate yesterday. Now the battle shifts to the House of Representatives, where the House bill passed last year doesn't include a provision to immunize phone companies. The law that currently governs government surveillance is set to expire at the end of this week.

Tom Keating alerted to me a new phone hack which is for now targeting SNOM IP phones.

The big hack involves the ability of some VoIP phones to make phone calls from the Web interface using a simple web POST request. The Snom 32x supports this feature which along with some security vulnerabilities is what GNUCitizen exploited to have some real fun, like ya know, making an outbound call using a spoofed CallerID.

Hackers will need the IP address of the phone being targeted to launch the attack, but using a simple scanner they can use a cross-site scripting attack to hack the phone’s built-in management interface.

Illegal stuff a hacker can do:

Steal the phone history from the logs including any other details attached to the calls via XHR.

Poison the address book with a persistent XSS - the name is encoded correctly but not the phone number.